# ================================ PLEASE READ =========================================================== # This file outlines all the possible environment variables supported by the Sure app for self hosting. # # If you're a developer setting up your local environment, please use `.env.local.example` instead. # ======================================================================================================== # Required self-hosting vars # -------------------------------------------------------------------------------------------------------- # Enables self hosting features (should be set to true unless you know what you're doing) SELF_HOSTED=true # Controls onboarding flow (valid: open, closed, invite_only) ONBOARDING_STATE=open # Secret key used to encrypt credentials (https://api.rubyonrails.org/v7.1.3.2/classes/Rails/Application.html#method-i-secret_key_base) # Has to be a random string, generated eg. by running `openssl rand -hex 64` SECRET_KEY_BASE=secret-value # Optional self-hosting vars # -------------------------------------------------------------------------------------------------------- # Optional: OpenAI-compatible API endpoint config OPENAI_ACCESS_TOKEN= OPENAI_MODEL= OPENAI_URI_BASE= # Optional: Langfuse config LANGFUSE_HOST=https://cloud.langfuse.com LANGFUSE_PUBLIC_KEY= LANGFUSE_SECRET_KEY= # Optional: Twelve Data API Key for exchange rates + stock prices # (you can also set this in your self-hosted settings page) # Get it here: https://twelvedata.com/ TWELVE_DATA_API_KEY= # Optional: Provider selection for exchange rates and securities data # Options: twelve_data (default), yahoo_finance # EXCHANGE_RATE_PROVIDER=twelve_data # SECURITIES_PROVIDER=twelve_data # Alternative: Use Yahoo Finance as provider (free, no API key required) EXCHANGE_RATE_PROVIDER=yahoo_finance SECURITIES_PROVIDER=yahoo_finance # Brandfetch to grab logos for banks and merchants BRAND_FETCH_CLIENT_ID= # Custom port config # For users who have other applications listening at 3000, this allows them to set a value puma will listen to. PORT=3000 # SMTP Configuration # This is only needed if you intend on sending emails from your Sure instance (such as for password resets or email financial reports). # Resend.com is a good option that offers a free tier for sending emails. SMTP_ADDRESS= SMTP_PORT=465 SMTP_USERNAME= SMTP_PASSWORD= SMTP_TLS_ENABLED=true # Address that emails are sent from EMAIL_SENDER= # Database Configuration DB_HOST=localhost # May need to be changed to `DB_HOST=db` if using devcontainer DB_PORT=5432 POSTGRES_PASSWORD=postgres POSTGRES_USER=postgres # Redis configuration # Standard Redis URL (for direct connection) REDIS_URL=redis://localhost:6379/1 # Redis Sentinel configuration (for high availability) # When REDIS_SENTINEL_HOSTS is set, it takes precedence over REDIS_URL # REDIS_SENTINEL_HOSTS=sentinel1:26379,sentinel2:26379,sentinel3:26379 # REDIS_SENTINEL_MASTER=mymaster # REDIS_SENTINEL_USERNAME=default # REDIS_PASSWORD=your-redis-password # App Domain # This is the domain that your Sure instance will be hosted at. It is used to generate links in emails and other places. APP_DOMAIN= # OpenID Connect configuration OIDC_CLIENT_ID= OIDC_CLIENT_SECRET= OIDC_ISSUER= OIDC_REDIRECT_URI= # Product/Brand Name PRODUCT_NAME= BRAND_NAME= # PostHog configuration POSTHOG_KEY= POSTHOG_HOST= # Disable enforcing SSL connections # DISABLE_SSL=true # Active Record Encryption Keys (Optional) # These keys are used to encrypt sensitive data like API keys in the database. # For managed mode: Set these environment variables to provide encryption keys. # For self-hosted mode: If not provided, they will be automatically generated based on your SECRET_KEY_BASE. # You can generate your own keys by running: rails db:encryption:init # ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY= # ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY= # ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT= # ====================================================================================================== # Active Storage Configuration - responsible for storing file uploads # ====================================================================================================== # # * Defaults to disk storage but you can also use Amazon S3 or Cloudflare R2 # * Set the appropriate environment variables to use these services. # * Ensure libvips is installed on your system for image processing - https://github.com/libvips/libvips # # Amazon S3 # ========== # ACTIVE_STORAGE_SERVICE=amazon <- Enables Amazon S3 storage # S3_ACCESS_KEY_ID= # S3_SECRET_ACCESS_KEY= # S3_REGION= # defaults to `us-east-1` if not set # S3_BUCKET= # # Cloudflare R2 # ============= # ACTIVE_STORAGE_SERVICE=cloudflare <- Enables Cloudflare R2 storage # CLOUDFLARE_ACCOUNT_ID= # CLOUDFLARE_ACCESS_KEY_ID= # CLOUDFLARE_SECRET_ACCESS_KEY= # CLOUDFLARE_BUCKET= # # Generic S3 # ========== # ACTIVE_STORAGE_SERVICE=generic_s3 <- Enables Generic S3 storage # GENERIC_S3_ACCESS_KEY_ID= # GENERIC_S3_SECRET_ACCESS_KEY= # GENERIC_S3_REGION= # GENERIC_S3_BUCKET= # GENERIC_S3_ENDPOINT= # GENERIC_S3_FORCE_PATH_STYLE= <- defaults to false